Security Certification options

CE1028CE1028 Member Posts: 84 ■■□□□□□□□□
Hello everyone,

I'm brand new to the site. I've been in IT just over 15 years (I don't have a BS or Masters degree), most of which was spent doing 2nd/3rd level Desktop Support, Server Administration and now network administration. As I look to the next phase of my career, security is an area that I'm looking to pursue. I see myself looking for a security engineer type role, but I am open to other positions. I hold a number of certifications as you can see in my profile, but want to work on the next one.

Most of my server experience was with Active Directory, Exchange, and VMware. I've also done a lot with disaster recover planning and testing. Nowadays, I'm on the network side of the house, but not for a huge environment.

Certifications are time consuming but I feel are necessary for me. I'm trying to decide which to do first. An obvious choice for me would continue the cisco path and go for CCNP Security or CCIE Security. Another choice I thought of was saving that for later and pursue some firewall certifications, such as CheckPoint CCSA, Palo Alto PCNSE and/or Fortinet. Not sure if I need all of those. My final option is go straight for CISSP.

Anyone heading down a similar path?

I'm self funding all of my training by the way.

- C

Comments

  • RemedympRemedymp Member Posts: 834 ■■■■□□□□□□
    The CASP might be more in your direction than anything else mentioned.
  • CE1028CE1028 Member Posts: 84 ■■□□□□□□□□
    Remedymp wrote: »
    The CASP might be more in your direction than anything else mentioned.

    hmmm I never really heard of or looked into that one. I see now that it is a Comptia cert
  • E Double UE Double U Member Posts: 2,233 ■■■■■■■■■■
    Go the CCNP Security route if you are interested in a firewall cert and want to keep your other Cisco certifications valid. After that I would go into CISSP.

    My path was CCNP Security -> CISSP -> GCIH
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • CE1028CE1028 Member Posts: 84 ■■□□□□□□□□
    E Double U wrote: »
    Go the CCNP Security route if you are interested in a firewall cert and want to keep your other Cisco certifications valid. After that I would go into CISSP.

    My path was CCNP Security -> CISSP -> GCIH

    Would you not recommend CISSP => CCNP Security?

    I was looking at other firewall vendors only because not everyone uses Cisco (where my experience is)
  • cmztechcmztech Member Posts: 55 ■■□□□□□□□□
    In my own research on the topic, I feel as though CISSP gets you to the money and gets doors to fly open in both private and government sectors, much faster. As for what it sounds like you want to do, I would say CCNP Security is going to make you a better security person, skills wise. Whether it's Cisco or another vendor, in the end all networks send frames and packets.

    If you can use Cisco products then in my mind it's the difference between flying one model of a helicopter and then being forced to fly another model of helicopter. They are both choppers, but the only difference being they have different controls.

    (2 cents from a grasshopper)
  • CE1028CE1028 Member Posts: 84 ■■□□□□□□□□
    cmztech wrote: »
    In my own research on the topic, I feel as though CISSP gets you to the money and gets doors to fly open in both private and government sectors, much faster. As for what it sounds like you want to do, I would say CCNP Security is going to make you a better security person, skills wise. Whether it's Cisco or another vendor, in the end all networks send frames and packets.

    If you can use Cisco products then in my mind it's the difference between flying one model of a helicopter and then being forced to fly another model of helicopter. They are both choppers, but the only difference being they have different controls.

    (2 cents from a grasshopper)

    It really is about opening doors too. One reason why I was not going to pursue the CCNP Security is because it tests on products/technologies that I don't use day to day. This sometimes makes retaining knowledge harder. You never want to just pass a cert and forget everything.

    I don't use CheckPoint day to day either, but I feel your analogy fits here. If I know ASA firewalls (I'm not an expert per say, getting there), I can learn CP firewalls easier. Maybe that makes me more marketable, I'm not sure.
  • danny069danny069 Member Posts: 1,025 ■■■■□□□□□□
    Since you already have your CCNA R&S and CCNA Security and you are in networking now, hold off on the CCNP Security, because you can come back to that. Go right for your CISSP, make sure you read all the requirements to become CISSP certified, then after you obtain that, go the CCNP Security, CCIE Security route.
    I am a Jack of all trades, Master of None
  • E Double UE Double U Member Posts: 2,233 ■■■■■■■■■■
    CE1028 wrote: »
    Would you not recommend CISSP => CCNP Security?

    Depends on when your CCNP R/S expires.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • TechGromitTechGromit Member Posts: 2,156 ■■■■■■■■■□
    Currently my Path is CCNA --->, CISSP --->, OSCP ---->, GPEN. I haven't planned beyond that.
    Still searching for the corner in a round room.
  • CE1028CE1028 Member Posts: 84 ■■□□□□□□□□
    thanks everyone who replied. I have 2 years before my CCNP RS expires, so I have some time to decide
  • E Double UE Double U Member Posts: 2,233 ■■■■■■■■■■
    Then that is plenty of time to complete the CISSP before getting into CCNP Security.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • docricedocrice Member Posts: 1,706 ■■■■■■■■■■
    "Security" can have different meanings here. Do you want to manage security appliances, or do you want all-around security? There's a difference since I consider vendor-specific training to be more about knowing the ins-and-outs of product features and configuration rather than data analysis, incident response, anomaly hunting, forensics, etc..

    I've seen too many cases where someone knows products but knows little what actually happens beneath the surface. With security solutions being what they are (that is, limited) and the arms-race clearly in favor of the offense, doing good defense requires having an insight beyond what the UI tells you and digging into the raw data and questioning the design assumptions of the appliances. Being able to vet FPs comes to mind, especially with any of the firewall vendors you mentioned. I've worked with all of them to different degrees.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
  • CE1028CE1028 Member Posts: 84 ■■□□□□□□□□
    docrice wrote: »
    "Security" can have different meanings here. Do you want to manage security appliances, or do you want all-around security? There's a difference since I consider vendor-specific training to be more about knowing the ins-and-outs of product features and configuration rather than data analysis, incident response, anomaly hunting, forensics, etc...

    I do like managing security appliances. However, I do not want to box myself in. I don't currently have an interest in forensics
  • E Double UE Double U Member Posts: 2,233 ■■■■■■■■■■
    TechGromit wrote: »
    Currently my Path is CCNA --->, CISSP --->, OSCP ---->, GPEN. I haven't planned beyond that.

    Would you even need GPEN if you have OSCP?
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • ZzBloopzZZzBloopzZ Member Posts: 192
    E Double U wrote: »
    Would you even need GPEN if you have OSCP?

    US Gov't loves SANS certs!
Sign In or Register to comment.